[jwmullally]

I agree. Copy+pasting an old comment of mine from this old thread https://news.ycombinator.com/item?id=12683924

> A general solution to IoT security would be for all IoT devices to only communicate to your personally owned home gateway, which would run open-source drivers for each device to provide the networking/external communication functionality. The IoT device could even be assigned its own isolated network link to the router (i.e. sandboxed).

[ocdtrekkie]

This is how my home works. My automation devices use Insteon, which is local only communication, and then my computer has an adapter for it that I wrote the software for.

[wepple]

This is a great solution to the ownership problem, but now each individual is responsible for patching and updating their 25 devices? Doesn't solve the security problem.

[pmontra]

The home gateway could download the patches and send them to the devices. Its firewall will prevent them to phone home or somewhere else no matter what into those patches.